Firewall expert rules & program expert rules

First message I've posted in this forum. I have to laugh, I almost quit before I got started! I had to add zonelabs.org to my trusted sites, add it to my privacy to allow cookies, change the settings on 2 different sites in ZAP sites to even get the "Register new user" button to work!! Unreal. I've used just about every firewall program there is including server based programs for corporations. I run 2 hardware firewalls and have the routers with 10.x.x.x NAT behind a 198.x.x.x NAT. I've read tons of posts &amp; searches including other websites suggested in this user forum and here is my take. I want NOTHING to

Re: Firewall expert rules & program expert rules

I take it the TAB key posts messages.. sorry, I'll continue.I want nothing in or out of my network unless I tell it to do so. The moderator post suggests setting up group expert rules for programs (Outlook specifically) and always use a block all rule at the bottom. Wouldn't it make sense for ZAP to read the program rules first and then the expert rules?? Maybe I'm losing it, but if I only want Outlook to access multiple SMTP &amp; POP servers why would I put the rule in a Firewall group rule? This would allow any other mail client OR program to access those POP3 &amp; SMTP servers. NOT what I want. SO, I put on a program expert rule to allow just Outlook to access those, and in line with several posts I put a block all at the bottom of my firewall expert rules. Hmmm, so since this software firewall (ZAP) reads firewall expert rules first the block all stops any program rules from being executed right? So, what am I missing? What the h*ll good are any of the program expert rules then?? I only want specific applications to have access and I want to block all in my firewall expert rules. Looks like I'm SOL or am I way to tired and missed something?